(MS11-055) Vulnerability in Microsoft Visio Could Allow Remote Code Execution (2560847)
Publish Date: 14 de lipca de 2011
Severity: : High
CVE Kennungen: : CVE-2010-3148
Advisory Date: 14 de lipca de 2011
DESCRIPTION
This bulletin addresses a publicly disclosed vulnerability in Microsoft Visio, which could lead to arbitrary code execution if a remote user opens a legitimate Visio file located in the same network as a malicious library file. If successfully exploited, this may lead to remote user gaining same user rights as the logged-on user.
INFORMATION EXPOSURE
For information on patches specific to the affected software, please proceed to the Microsoft Web page.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1004730
Trend Micro Deep Security DPI Rule Name: Microsoft Visio Insecure Library Loading Vulnerability Over Network Share
AFFECTED SOFTWARE AND VERSION:
- Microsoft Visio 2003 Service Pack 3